Cybersecurity Articles

98/69 Wednesday, February 18, 2026 A serious security vulnerability has been discovered in the systems of DavaIndia Pharmacy, one of India’s major pharmacy chains operated by Zota Health Care Ltd. The flaw could have allowed malicious actors to access customer order information and escalate privileges to gain full administrative control of the platform. This posed […]

97/69 Wednesday, February 18, 2026 Dutch authorities have arrested a 40-year-old man at his residence in Ridderkerk on charges of computer intrusion and attempted extortion. The case began after a police officer mistakenly sent the man a download link to confidential government documents instead of a link intended for uploading evidence related to a case. […]

96/69 Tuesday, February 17, 2026 Microsoft Threat Intelligence has identified a new variant of the ClickFix social engineering campaign that shifts from delivering malware over HTTP to using DNS as a staging channel. Victims are tricked into opening the Windows Run dialog (Win+R) and executing the nslookup command, which connects to a DNS server controlled […]

95/69 Tuesday, February 17, 2026 Google has released an emergency security update to address a high-severity zero-day vulnerability in the Chrome browser that has been actively exploited in the wild. The flaw, tracked as CVE-2026-2441, is a use-after-free vulnerability in Chrome’s CSS processing component. It marks the first actively exploited Chrome zero-day of 2026, following […]

94/69 Tuesday, February 17, 2026 Microsoft has announced a fix for a Windows 11 system error that caused devices to display the “UNMOUNTABLE_BOOT_VOLUME” message or become stuck on a black screen prompting a restart, preventing users from accessing their systems. The issue primarily affected commercial (enterprise) devices following the installation of security updates earlier this […]

93/69 Monday, February 16, 2026 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the BeyondTrust vulnerability CVE-2026-1731 (CVSS 9.9) to its Known Exploited Vulnerabilities (KEV) catalog after confirming evidence of active exploitation. The flaw is an OS Command Injection vulnerability affecting certain versions of BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) […]

92/69 Monday, February 16, 2026 Figure Technology Solutions, Inc., a U.S.-based fintech company that develops blockchain-powered lending platforms, has confirmed a data breach after one of its employees fell victim to a social engineering attack. As a result, threat actors were able to access and exfiltrate a limited number of company files. A company spokesperson […]

91/69 Monday, February 16, 2026 Cybersecurity researchers have identified more than 300 Google Chrome extensions exhibiting spying and data-stealing behavior, affecting users worldwide with a combined total of over 37.4 million downloads. Network traffic analysis revealed that at least 153 of these extensions begin transmitting users’ browsing history and search engine queries immediately after installation. […]

90/69 Friday, February 13, 2026 The Google Threat Intelligence Group (GTIG) has revealed that several state-backed hacker groups and advanced persistent threat (APT) actors have begun leveraging the Google Gemini model to support multi-stage cyberattacks. Observed activities include reconnaissance, generating phishing and social engineering content, writing and refining code, and testing target vulnerabilities. Attackers were […]

89/69 Friday, February 13, 2026 Ivanti has released security updates to address more than ten vulnerabilities in its Endpoint Manager (EPM) product, including a critical flaw that could allow threat actors to access sensitive data without authentication. The vulnerability, tracked as CVE-2026-1603 with a CVSS score of 8.6, is an authentication bypass issue affecting Ivanti […]